SkullLocker Screenlocker

SkullLocker Screenlocker is a ransomware-type infection that was designed to lock your computer’s screen, thus, preventing you from using it altogether. This ransomware does not demand that you pay a ransom to unlock your PC. Therefore, it seems that it locks it from the sake of locking it. The good news, however, is that you can easily bypass this lock screen and remove this infection. We recommend that you put in the effort to get rid of it because it will launch again the next time you boot up your computer.

While there is no reliable information on how this particular ransomware is distributed, we assume that it is likely that this program’s developers have set up a dedicated email server to send this ransomware in spam mail automatically. The emails can be disguised as legitimate and point you to the attached file that can be disguised as a PDF file. However, the file is most likely an executable that, once run, will infect your PC and lock its screen immediately. Therefore, we advise caution when dealing with emails received from knowingly unknown sources that look suspicious.

If SkullLocker Screenlocker were to infect your computer, then it will employ its lock screen immediately. The resulting screen features a grayish image of a skull with a black background and text written in a red font. The text says "Your screen has been blocked. To exit put password in the box.” Oddly enough, its lock screen also features a code that should allegedly unlock your PC. However, if you enter it and click Verify, then you will be presented with another screen that reads “YOUR SCREEN IS LOCKED YOU CANNOT GET OUT!” The good news is that you can bypass this lock screen rather easily. If you press Alt+F4 on your keyboard, then it will close it, but if you do not delete it, then your computer’s screen will be locked again the next time you turn it on. Our research has revealed that this ransomware creates a Point of Execution (PoE) that is set to launch this ransomware’s executable on system startup. The PoE is a registry sub key at HKCU\Software\Microsoft\Windows\CurrentVersion\Run and its value name is “Application” and its value data should point to the location were the executable is situated (e.g. %USERSPROFILE%\Desktop\(random name).exe). The name of the executable can be random so you may have trouble identifying it.

As you can see, SkullLocker Screenlocker is one nasty computer infection that can lock your computer’s screen and, thus, prevent you from using it. While this program is classified as ransomware, it does not actually demand that you pay a ransom. In its current form, it just locks the screen for the sake of locking it. This may change in the future, however, as this can be a test version. Luckily, in its current form, this ransomware is not a problem to delete. We have included a manual removal guide that you can consult below.

How to get rid of SkullLocker Screenlocker

Press Alt+F4 to close the lock screen.

Press Win+R keys.

Type regedit in the box and hit Enter.

Go to HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Find the value name Application

Note the value data (e.g. %USERSPROFILE%\Desktop\(random name).exe)

Right-click Application and click Delete.

Close the Registry Editor.

Press Windows+E keys.

Enter the file path of the executable (e.g. %USERSPROFILE%\Desktop\(random name).exe)